Questions tagged with Developer Tools

In my CDK project, I use a lot of Docker images for various services. These images are for different platforms, since Fargate doesn't support Spot ARM64. Building all of these images on my own machine (an Apple M1 Pro) can be quite cumbersome. Out of curiosity, I was wondering if there is a convenient way to build these Docker images on AWS. Ideally, when I run 'cdk deploy --all', it would upload my assets to AWS, build the Docker images, and publish the results on ECR. Do you have any ideas on how I could achieve this?lg...

Let us say, I have 2 API gateways in 1 single project, is there any option to deploy multiple API gateways at once ? Or we have to manually deploy each API Gateway ? What is the best CICD option for this use case ?lg...

**Describe the Error** Running IDT shows error in cloudcomponent log ``` the Greengrass deployment is COMPLETED on the device after 180 seconds ``` comes up with ``` 2023-Mar-29 10:22:22,494 [cloudComponent] [idt-c057b1fc3d6bc618a399] [ERROR] greengrass/features/cloudComponent.feature - Failed at step: 'the Greengrass deployment is COMPLETED on the device after 180 seconds' java.lang.IllegalStateException: Deployment idt-c057b1fc3d6bc618a399-gg-deployment did not reach COMPLETED at com.aws.greengrass.testing.features.DeploymentSteps.deploymentSucceeds(DeploymentSteps.java:311) ~[AWSGreengrassV2TestingIDT-1.0.jar:?] at ✽.the Greengrass deployment is COMPLETED on the device after 180 seconds(classpath:greengrass/features/cloudComponent.feature:26) ~[?:?] 2023-Mar-29 10:22:22,510 [cloudComponent] [idt-c057b1fc3d6bc618a399] [INFO] greengrass/features/cloudComponent.feature - Finished step: 'the com.aws.HelloWorld log on the device contains the line "Hello World!!" within 20 seconds' with status SKIPPED ``` ``` 2023-03-28T05:33:39.019Z [ERROR] (Copier) com.aws.greengrass.util.orchestration.SystemdUtils: systemd-setup. {stderr=Created symlink /etc/systemd/system/multi-user.target.wants/greengrass.service → /etc/systemd/system/greengrass.service., command=systemctl enable greengrass.service} ``` it seems like the mqtt test also have same error in the log after a couple times of trying not sure the problem related to the error but some how the mqtt test pass ``` ./mqtt/mqttpubsub/greengrass_2023_03_29_01_0.log:2023-03-29T01:59:34.313Z [ERROR] (Copier) com.aws.greengrass.util.orchestration.SystemdUtils: systemd-setup. {stderr=Created symlink /etc/systemd/system/multi-user.target.wants/greengrass.service → /etc/systemd/system/greengrass.service., command=systemctl enable greengrass.service} ``` Details: I am tyring to use IDT for greengrass v2 following https://docs.aws.amazon.com/greengrass/v2/developerguide/device-config-setup.html by following the official guide after by launching greengrass with `sudo -E java -Droot="/test/greengrass/v2" -Dlog.store=FILE -jar ./GreengrassInstaller/lib/Greengrass.jar --aws-region us-west-2 --thing-name IM30 --thing-group-name GreengrassQuickStartGroup_test --component-default-user root:root --provision true --setup-system-service true --deploy-dev-tools true` it shows "Successfully set up Nucleus as a system service" while watching systemctl status greengrass.service ``` root@i350-evk:/test/greengrass/v2# systemctl status greengrass.service ● greengrass.service - Greengrass Core Loaded: loaded (/etc/systemd/system/greengrass.service; enabled; vendor preset: disabled) Active: active (running) since Wed 2023-03-29 02:46:35 UTC; 16s ago Main PID: 11178 (sh) Tasks: 68 (limit: 3443) Memory: 277.0M CGroup: /system.slice/greengrass.service ├─11178 /bin/sh /test/greengrass/v2/alts/current/distro/bin/loader └─11182 java -Dlog.store=FILE -Dlog.store=FILE -Droot=/test/greengrass/v2 -jar /test/greengrass/v2/alts/current/distro/lib/Greengrass.jar --setup-system-service false Mar 29 02:46:35 i350-evk systemd[1]: Started Greengrass Core. Mar 29 02:46:35 i350-evk sh[11178]: Greengrass root: /test/greengrass/v2 Mar 29 02:46:35 i350-evk sh[11178]: Java executable: java Mar 29 02:46:35 i350-evk sh[11178]: JVM options: -Dlog.store=FILE -Droot=/test/greengrass/v2 Mar 29 02:46:35 i350-evk sh[11178]: Nucleus options: --setup-system-service false Mar 29 02:46:39 i350-evk sh[11182]: Launching Nucleus... Mar 29 02:46:46 i350-evk sh[11182]: Launched Nucleus successfully. ``` my effectiveConfig.yaml : ``` --- system: certificateFilePath: "/test/greengrass/v2/thingCert.crt" privateKeyPath: "/test/greengrass/v2/privKey.key" rootCaPath: "/test/greengrass/v2/rootCA.pem" rootpath: "/test/greengrass/v2" thingName: "IM30" services: aws.greengrass.LocalHelloWorld: componentType: "GENERIC" configuration: {} dependencies: [] lifecycle: Run: "java -DcomponentName=\"HelloWorld\" -jar /test/greengrass/v2/packages/artifacts/aws.greengrass.LocalHelloWorld/1.0.0/cloudcomponent.jar" version: "1.0.0" aws.greengrass.Nucleus: componentType: "NUCLEUS" configuration: awsRegion: "us-west-2" componentStoreMaxSizeBytes: "10000000000" deploymentPollingFrequencySeconds: "15" envStage: "prod" fleetStatus: periodicStatusPublishIntervalSeconds: 86400 greengrassDataPlaneEndpoint: "" greengrassDataPlanePort: "8443" httpClient: {} interpolateComponentConfiguration: false iotCredEndpoint: "xxx.credentials.iot.us-west-2.amazonaws.com" iotDataEndpoint: "xxx-ats.iot.us-west-2.amazonaws.com" iotRoleAlias: "GreengrassV2TokenExchangeRoleAlias" jvmOptions: "-Dlog.store=FILE" logging: {} mqtt: spooler: {} networkProxy: proxy: {} platformOverride: {} runWithDefault: posixShell: "sh" posixUser: "root:root" telemetry: {} dependencies: [] lifecycle: bootstrap: requiresPrivilege: "true" script: "\nset -eu\nKERNEL_ROOT=\"/test/greengrass/v2\"\nUNPACK_DIR=\"/test/greengrass/v2/packages/artifacts-unarchived/aws.greengrass.Nucleus/2.9.4/aws.greengrass.nucleus\"\ \nrm -r \"$KERNEL_ROOT\"/alts/current/*\necho \"-Dlog.store=FILE\" > \"\ $KERNEL_ROOT/alts/current/launch.params\"\nln -sf \"$UNPACK_DIR\" \"$KERNEL_ROOT/alts/current/distro\"\ \nexit 100" version: "2.9.4" DeploymentService: ComponentToGroups: aws.greengrass.LocalHelloWorld: "4e69ead5-a595-4b96-a7c8-45da74475fe0": "LOCAL_DEPLOYMENT" dependencies: [] GroupToLastDeployment: LOCAL_DEPLOYMENT: configArn: null timestamp: 1679992938275 thing/IM30: configArn: "arn:aws:greengrass:us-west-2:116407744508:configuration:thing/IM30:111" timestamp: 1679993636499 thinggroup/GreengrassQuickStartGroup_test: configArn: "arn:aws:greengrass:us-west-2:116407744508:configuration:thinggroup/GreengrassQuickStartGroup_test:51" timestamp: 1679993661994 GroupToRootComponents: LOCAL_DEPLOYMENT: aws.greengrass.LocalHelloWorld: groupConfigArn: "4e69ead5-a595-4b96-a7c8-45da74475fe0" groupConfigName: "LOCAL_DEPLOYMENT" version: "1.0.0" thing/IM30: {} thinggroup/GreengrassQuickStartGroup_test: {} runtime: ProcessedDeployments: "1679993661353": ConfigurationArn: "arn:aws:greengrass:us-west-2:116407744508:configuration:thing/IM30:111" DeploymentId: "arn:aws:greengrass:us-west-2:116407744508:configuration:thing/IM30:111" DeploymentRootPackages: [] DeploymentStatus: "SUCCEEDED" DeploymentStatusDetails: detailed-deployment-status: "SUCCESSFUL" DeploymentType: "SHADOW" GreengrassDeploymentId: "ef974963-4dfe-49a4-a1fc-73c8aa49a545" version: "0.0.0" FleetStatusService: dependencies: [] lastPeriodicUpdateTime: 1679981624527 sequenceNumber: 122 version: "0.0.0" main: dependencies: - "FleetStatusService:HARD" - "DeploymentService:HARD" - "aws.greengrass.LocalHelloWorld" - "TelemetryAgent:HARD" - "aws.greengrass.Nucleus" - "UpdateSystemPolicyService:HARD" - "aws.greengrass.Nucleus" lifecycle: {} runtime: service-digest: {} TelemetryAgent: dependencies: [] runtime: lastPeriodicAggregationMetricsTime: 1679981624784 lastPeriodicPublishMetricsTime: 1679981624784 version: "0.0.0" UpdateSystemPolicyService: dependencies: [] version: "0.0.0" ``` however while I launch the deployment of idt with command: `./devicetester_linux_x86-64 run-suite --suite-id GGV2Q_2.5.0 --userdate userdata.json` the test_manager.log in idt shows ``` [ERROR] [2023-03-28 16:56:12]: Test exited unsuccessfully testCaseId=cloudcomponent error=exit status 1 executionId=9f12b10c-cd42-11ed-bb24-080027641c32 [INFO] [2023-03-28 16:56:12]: All tests finished. executionId=9f12b10c-cd42-11ed-bb24-080027641c32 [INFO] [2023-03-28 16:56:13]: ========== Test Summary ========== Execution Time: 26m50s Tests Completed: 7 Tests Passed: 6 Tests Failed: 1 Tests Skipped: 0 ---------------------------------- Test Groups: lambdadeployment: PASSED mqtt: PASSED component: FAILED pretestvalidation: PASSED coredependencies: PASSED version: PASSED ---------------------------------- Failed Tests: Group Name: component Test Name: cloudcomponent Reason: Failed at 'the Greengrass deployment is COMPLETED on the device after 180 seconds' ---------------------------------- Path to AWS IoT Device Tester Report: /home/user/test/devicetester_greengrass_v2_linux/results/20230328T162913/awsiotdevicetester_report.xml Path to Test Execution Logs: /home/user/test/devicetester_greengrass_v2_linux/results/20230328T162913/logs Path to Aggregated JUnit Report: /home/user/test/devicetester_greengrass_v2_linux/results/20230328T162913/GGV2Q_Report.xml ================================== ``` logs/component/cloudcomponent greengrass_2023_03_28_05_0.log shows: ``` 2023-03-28T05:33:10.582Z [INFO] (main) com.aws.greengrass.deployment.DeviceConfiguration: Copy Nucleus artifacts to component store. {destination=/test/greengrass/v2/packages/artifacts-unarchived/aws.greengrass.Nucleus/2.9.4/aws.greengrass.nucleus, source=/test/GreengrassInstaller} 2023-03-28T05:33:37.517Z [INFO] (main) com.aws.greengrass.lifecyclemanager.KernelLifecycle: Waiting for services to shutdown. {} 2023-03-28T05:33:37.543Z [INFO] (main) com.aws.greengrass.lifecyclemanager.Kernel: effective-config-dump-complete. {file=/test/greengrass/v2/config/effectiveConfig.yaml} 2023-03-28T05:33:39.019Z [ERROR] (Copier) com.aws.greengrass.util.orchestration.SystemdUtils: systemd-setup. {stderr=Created symlink /etc/systemd/system/multi-user.target.wants/greengrass.service → /etc/systemd/system/greengrass.service., command=systemctl enable greengrass.service} 2023-03-28T05:33:39.889Z [INFO] (main) com.aws.greengrass.util.orchestration.SystemdUtils: systemd-setup. Successfully set up systemd service. {} 2023-03-28T05:33:39.891Z [INFO] (main) com.aws.greengrass.lifecyclemanager.KernelLifecycle: system-shutdown. {main=null} 2023-03-28T05:33:39.902Z [INFO] (main) com.aws.greengrass.lifecyclemanager.KernelLifecycle: Waiting for services to shutdown. {} 2023-03-28T05:33:39.933Z [INFO] (main) com.aws.greengrass.lifecyclemanager.Kernel: effective-config-dump-complete. {file=/test/greengrass/v2/config/effectiveConfig.yaml} 2023-03-28T05:33:39.937Z [INFO] (Serialized listener processor) com.aws.greengrass.lifecyclemanager.KernelLifecycle: executor-service-shutdown-initiated. {} 2023-03-28T05:33:39.938Z [INFO] (main) com.aws.greengrass.lifecyclemanager.KernelLifecycle: Waiting for executors to shutdown. {} 2023-03-28T05:33:39.940Z [INFO] (main) com.aws.greengrass.lifecyclemanager.KernelLifecycle: executor-service-shutdown-complete. {executor-terminated=true, scheduled-executor-terminated=true} 2023-03-28T05:33:39.941Z [INFO] (main) com.aws.greengrass.lifecyclemanager.KernelLifecycle: context-shutdown-initiated. {} 2023-03-28T05:33:39.945Z [INFO] (main) com.aws.greengrass.lifecyclemanager.KernelLifecycle: context-shutdown-complete. {} ``` greengrass-test-run.log shows: ``` 2023-Mar-29 10:19:21,514 [cloudComponent] [idt-c057b1fc3d6bc618a399] [INFO] greengrass/features/cloudComponent.feature - Finished step: 'I create a Greengrass deployment with components' with status PASSED 2023-Mar-29 10:19:22,164 [cloudComponent] [idt-c057b1fc3d6bc618a399] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created GreengrassDeployment in GreengrassV2Lifecycle 2023-Mar-29 10:19:22,165 [cloudComponent] [idt-c057b1fc3d6bc618a399] [INFO] com.aws.greengrass.testing.features.DeploymentSteps - Created Greengrass deployment: fe860f32-3236-4493-b71d-56e585382c0c 2023-Mar-29 10:19:22,166 [cloudComponent] [idt-c057b1fc3d6bc618a399] [INFO] greengrass/features/cloudComponent.feature - Finished step: 'I deploy the Greengrass deployment configuration to thing group' with status PASSED 2023-Mar-29 10:22:22,494 [cloudComponent] [idt-c057b1fc3d6bc618a399] [ERROR] greengrass/features/cloudComponent.feature - Failed at step: 'the Greengrass deployment is COMPLETED on the device after 180 seconds' java.lang.IllegalStateException: Deployment idt-c057b1fc3d6bc618a399-gg-deployment did not reach COMPLETED at com.aws.greengrass.testing.features.DeploymentSteps.deploymentSucceeds(DeploymentSteps.java:311) ~[AWSGreengrassV2TestingIDT-1.0.jar:?] at ✽.the Greengrass deployment is COMPLETED on the device after 180 seconds(classpath:greengrass/features/cloudComponent.feature:26) ~[?:?] 2023-Mar-29 10:22:22,510 [cloudComponent] [idt-c057b1fc3d6bc618a399] [INFO] greengrass/features/cloudComponent.feature - Finished step: 'the com.aws.HelloWorld log on the device contains the line "Hello World!!" within 20 seconds' with status SKIPPED 2023-Mar-29 10:22:22,511 [cloudComponent] [idt-c057b1fc3d6bc618a399] [INFO] greengrass/features/cloudComponent.feature - Finished step: 'I create a Greengrass deployment with components' with status SKIPPED 2023-Mar-29 10:22:22,512 [cloudComponent] [idt-c057b1fc3d6bc618a399] [INFO] greengrass/features/cloudComponent.feature - Finished step: 'I deploy the Greengrass deployment configuration to thing group' with status SKIPPED 2023-Mar-29 10:22:22,513 [cloudComponent] [idt-c057b1fc3d6bc618a399] [INFO] greengrass/features/cloudComponent.feature - Finished step: 'the Greengrass deployment is COMPLETED on the device after 180 seconds' with status SKIPPED 2023-Mar-29 10:22:22,513 [cloudComponent] [idt-c057b1fc3d6bc618a399] [INFO] greengrass/features/cloudComponent.feature - Finished step: 'the com.aws.HelloWorld log on the device contains the line "Hello World Updated!!" within 20 seconds' with status SKIPPED ``` **To Reproduce** See above. **Expected behavior** IDT for greengrass v2 pass all of the test **Actual behavior** IDT for greengrass v2 failed on cloud component test **Environment** - OS: device for greengrass Yocto linux aarch64 - device for idt Ubuntu 22.04.1 LTS - JDK version:"openjdk version "1.8.0_282" - //also have test with amazon-corretto-17.0.6.10.1-linux-aarch64 - https://docs.aws.amazon.com/corretto/latest/corretto-17-ug/downloads-list.html - seems the error still happened - Nucleus version:2.9.4 - IDT version:4.7.0 **Additional context** Notice the same error on https://github.com/aws-greengrass/aws-greengrass-nucleus/issues/876#issuecomment-786948524 not sure if it is related but other test Passlg...

I followed the tutorial <https://docs.aws.amazon.com/ja_jp/managed-blockchain/latest/hyperledger-fabric-dev/managed-blockchain-get-started-tutorial.html> and completed Step 1 to Step 7, and successfully deployed the chaincode to the network. Here is the query result: ```log $ peer lifecycle chaincode queryinstalled Installed chaincodes on peer: Package ID: abctest_1.0:957504a77be8fdbcaf6fac1707822f1620442d7a93f8c5d96f8b788ddda79022, Label: abctest_1.0 ``` fabric-ca-client tools enroll the admin and got the admin_msp like this: ``` $ tree . ├── admin-msp │   ├── IssuerPublicKey │   ├── IssuerRevocationPublicKey │   ├── admincerts │   │   └── cert.pem │   ├── cacerts │   │   └── ca-m-bz5qr6rhcveqxfjyjfrtaioe5e-n-j2ib55zmyree5fieloktt3ttim-managedblockchain-ap-northeast-1-amazonaws-com-30002.pem │   ├── keystore │   │   ├── 3e7e4b7f840f8a209b178afefb63e207f336cfd7101c612d8a8acefda8a59504_sk │   │   ├── c8be8052c5888e713b82317296f0a636a07c6375fcb922cb06833f8ebffa6139_sk │   │   └── e12f734b4044befcce7fae67c394fff9416123414814c3553dab1036b99361b9_sk │   ├── signcerts │   │   └── cert.pem │   └── user └── fabric-ca-client-config.yaml ``` i try to write a client application to connect the network. ```ts import FabricCAServices from "fabric-ca-client"; import * as config from "./config"; import { Gateway, GatewayOptions, Wallets, Wallet } from "fabric-network"; import * as path from "path"; const createWallet = async (): Promise<Wallet> => { const walletPath = path.resolve(process.cwd(), "wallet"); const wallet = await buildWallet(walletPath); return wallet; }; const buildWallet = async (walletPath: string): Promise<Wallet> => { let wallet: Wallet; if (walletPath) { wallet = await Wallets.newFileSystemWallet(walletPath); } else { wallet = await Wallets.newInMemoryWallet(); } return wallet; }; const buildCAClient = ( ccp: Record<string, any>, caHostName: string ): FabricCAServices => { // Create a new CA client for interacting with the CA. const caInfo = ccp.certificateAuthorities[caHostName]; // lookup CA details from config const caTLSCACerts = caInfo.tlsCACerts.pem; const caClient = new FabricCAServices( caInfo.url, { trustedRoots: caTLSCACerts, verify: false }, caInfo.caName ); return caClient; }; const enrollAdmin = async ( caClient: FabricCAServices, wallet: Wallet, orgMspId: string ): Promise<void> => { try { // Check to see if we've already enrolled the admin user. const identity = await wallet.get(config.adminUserId); if (identity) { return; } // Enroll the admin user, and import the new identity into the wallet. const enrollment = await caClient.enroll({ enrollmentID: config.adminUserId, enrollmentSecret: config.adminUserPasswd, }); const x509Identity = { credentials: { certificate: enrollment.certificate, privateKey: enrollment.key.toBytes(), }, mspId: orgMspId, type: "X.509", }; await wallet.put(config.adminUserId, x509Identity); console.log( "Successfully enrolled admin user and imported it into the wallet" ); } catch (error) { console.error(`Failed to enroll admin user : ${error}`); } }; const createGateway = async ( connectionProfile: Record<string, any>, identity: string, wallet: Wallet ): Promise<Gateway> => { const gateway = new Gateway(); const options: GatewayOptions = { wallet, identity, discovery: { enabled: false, asLocalhost: true }, }; await gateway.connect(connectionProfile, options); return gateway; }; async function main() { const wallet = await createWallet(); const ccp = config.connectionProfile; const caClient = buildCAClient(ccp, config.caHostName); // ca.org.SDL.aws.com await enrollAdmin(caClient, wallet, config.adminUserId); const gatewayOrg1 = await createGateway( config.connectionProfile, config.adminUserId, wallet ); } main(); ``` Also I use this template to generate connect profile. ```json { "name": "${NETWORKNAME}-${MEMBERNAME}", "version": "1.0.0", "client": { "organization": "${MEMBERNAME}", "connection": { "timeout": { "peer": { "endorser": "300" } } } }, "organizations": { "${MEMBERNAME}": { "mspid": "${MEMBERID}", "peers": ["peer0.org.${MEMBERNAME}.aws.com"], "certificateAuthorities": ["ca.org.${MEMBERNAME}.aws.com"] } }, "peers": { "peer0.org.${MEMBERNAME}.aws.com": { "url": "grpcs://${PEERSERVICEENDPOINT}", "tlsCACerts": { "pem": "${PEERPEM}" }, "grpcOptions": { "ssl-target-name-override": "peer0.org.${MEMBERNAME}.aws.com", "hostnameOverride": "peer0.org.${MEMBERNAME}.aws.com" } } }, "certificateAuthorities": { "ca.org.${MEMBERNAME}.aws.com": { "url": "https://${CASERVICEENDPOINT}", "caName": "${MEMBERID}", "tlsCACerts": { "pem": ["${CAPEM}"] }, "httpOptions": { "verify": false } } } } ``` the $PEERPEM = `admin_msp/signcerts/cert.pem` and $CAPEM= `admin_msp/signcerts/cert.pem` the finnal connect profile: ```json { "name": "LocalCoinNetwork-SDL", "version": "1.0.0", "client": { "organization": "SDL", "connection": { "timeout": { "peer": { "endorser": "300" } } } }, "organizations": { "SDL": { "mspid": "m-BZ5QR6RHCVEQXFJYJFRTAIOE5E", "peers": ["peer0.org.SDL.aws.com"], "certificateAuthorities": ["ca.org.SDL.aws.com"] } }, "peers": { "peer0.org.SDL.aws.com": { "url": "grpcs://nd-wup4jgvqsvhwharbvdpg6yvr3y.m-bz5qr6rhcveqxfjyjfrtaioe5e.n-j2ib55zmyree5fieloktt3ttim.managedblockchain.ap-northeast-1.amazonaws.com:30003", "tlsCACerts": { "pem": "-----BEGIN CERTIFICATE-----\nMIIC8zCCApmgAwIBAgIUE37UHZ+ceYFu28QAwGXteREOfWEwCgYIKoZIzj0EAwIw\ngawxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdT\nZWF0dGxlMSIwIAYDVQQKExlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMSIwIAYD\nVQQLExlBbWF6b24gTWFuYWdlZCBCbG9ja2NoYWluMS4wLAYDVQQDEyVTREwgQW1h\nem9uIE1hbmFnZWQgQmxvY2tjaGFpbiBSb290IENBMB4XDTIzMDMyNzE2MzAwMFoX\nDTMzMDMyNDE2MzUwMFowaTELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENh\ncm9saW5hMRQwEgYDVQQKEwtIeXBlcmxlZGdlcjEbMAoGA1UECxMDU0RMMA0GA1UE\nCxMGY2xpZW50MQ4wDAYDVQQDEwVhZG1pbjBZMBMGByqGSM49AgEGCCqGSM49AwEH\nA0IABOR5XwEVuPWPFm1v9sgEtFRs847Vj4ArM7olxLBNh32DUG/ZLYETec2WJwS9\nYIXYXw8ovl+GrGbpn4rFCSDDZyyjgdowgdcwDgYDVR0PAQH/BAQDAgeAMAwGA1Ud\nEwEB/wQCMAAwHQYDVR0OBBYEFFVmufxkUSshWeZKubaR99QdMu6hMB8GA1UdIwQY\nMBaAFIeBsKCQ8SWeJS6JPxVpSm5Zwg5ZMBoGA1UdEQQTMBGCD2lwLTEwLTAtMTY4\nLTI0NzBbBggqAwQFBgcIAQRPeyJhdHRycyI6eyJoZi5BZmZpbGlhdGlvbiI6IlNE\nTCIsImhmLkVucm9sbG1lbnRJRCI6ImFkbWluIiwiaGYuVHlwZSI6ImNsaWVudCJ9\nfTAKBggqhkjOPQQDAgNIADBFAiEAvf+z1GDS9roj1XcH4yMwyJKaYpxeQK/4YTul\nu7CVX2ECIFfQvMj5lBQZUH6/C1B0T1p+5IYtukpcKf9rS4n6k1hE\n-----END CERTIFICATE-----\n" }, "grpcOptions": { "ssl-target-name-override": "peer0.org.SDL.aws.com", "hostnameOverride": "peer0.org.SDL.aws.com" } } }, "certificateAuthorities": { "ca.org.SDL.aws.com": { "url": "https://ca.m-bz5qr6rhcveqxfjyjfrtaioe5e.n-j2ib55zmyree5fieloktt3ttim.managedblockchain.ap-northeast-1.amazonaws.com:30002", "caName": "m-BZ5QR6RHCVEQXFJYJFRTAIOE5E", "tlsCACerts": { "pem": [ "-----BEGIN CERTIFICATE-----\nMIIC8zCCApmgAwIBAgIUE37UHZ+ceYFu28QAwGXteREOfWEwCgYIKoZIzj0EAwIw\ngawxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdT\nZWF0dGxlMSIwIAYDVQQKExlBbWF6b24gV2ViIFNlcnZpY2VzLCBJbmMuMSIwIAYD\nVQQLExlBbWF6b24gTWFuYWdlZCBCbG9ja2NoYWluMS4wLAYDVQQDEyVTREwgQW1h\nem9uIE1hbmFnZWQgQmxvY2tjaGFpbiBSb290IENBMB4XDTIzMDMyNzE2MzAwMFoX\nDTMzMDMyNDE2MzUwMFowaTELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENh\ncm9saW5hMRQwEgYDVQQKEwtIeXBlcmxlZGdlcjEbMAoGA1UECxMDU0RMMA0GA1UE\nCxMGY2xpZW50MQ4wDAYDVQQDEwVhZG1pbjBZMBMGByqGSM49AgEGCCqGSM49AwEH\nA0IABOR5XwEVuPWPFm1v9sgEtFRs847Vj4ArM7olxLBNh32DUG/ZLYETec2WJwS9\nYIXYXw8ovl+GrGbpn4rFCSDDZyyjgdowgdcwDgYDVR0PAQH/BAQDAgeAMAwGA1Ud\nEwEB/wQCMAAwHQYDVR0OBBYEFFVmufxkUSshWeZKubaR99QdMu6hMB8GA1UdIwQY\nMBaAFIeBsKCQ8SWeJS6JPxVpSm5Zwg5ZMBoGA1UdEQQTMBGCD2lwLTEwLTAtMTY4\nLTI0NzBbBggqAwQFBgcIAQRPeyJhdHRycyI6eyJoZi5BZmZpbGlhdGlvbiI6IlNE\nTCIsImhmLkVucm9sbG1lbnRJRCI6ImFkbWluIiwiaGYuVHlwZSI6ImNsaWVudCJ9\nfTAKBggqhkjOPQQDAgNIADBFAiEAvf+z1GDS9roj1XcH4yMwyJKaYpxeQK/4YTul\nu7CVX2ECIFfQvMj5lBQZUH6/C1B0T1p+5IYtukpcKf9rS4n6k1hE\n-----END CERTIFICATE-----\n" ] }, "httpOptions": { "verify": false } } } } ``` The client application runing result: ```log D 2023-03-27T19:33:27.851Z | subchannel | (2) 10.0.138.232:30003 creating HTTP/2 session D 2023-03-27T19:33:27.857Z | subchannel | (2) 10.0.138.232:30003 connection closed with error unable to verify the first certificate D 2023-03-27T19:33:27.857Z | subchannel | (2) 10.0.138.232:30003 connection closed D 2023-03-27T19:33:27.857Z | subchannel | (2) 10.0.138.232:30003 CONNECTING -> TRANSIENT_FAILURE D 2023-03-27T19:33:27.858Z | pick_first | CONNECTING -> TRANSIENT_FAILURE D 2023-03-27T19:33:27.858Z | resolving_load_balancer | dns:nd-wup4jgvqsvhwharbvdpg6yvr3y.m-bz5qr6rhcveqxfjyjfrtaioe5e.n-j2ib55zmyree5fieloktt3ttim.managedblockchain.ap-northeast-1.amazonaws.com:30003 CONNECTING -> TRANSIENT_FAILURE D 2023-03-27T19:33:27.858Z | connectivity_state | (1) dns:nd-wup4jgvqsvhwharbvdpg6yvr3y.m-bz5qr6rhcveqxfjyjfrtaioe5e.n-j2ib55zmyree5fieloktt3ttim.managedblockchain.ap-northeast-1.amazonaws.com:30003 CONNECTING -> TRANSIENT_FAILURE 2023-03-27T19:33:29.830Z - error: [ServiceEndpoint]: Error: Failed to connect before the deadline on Endorser- name: peer0.org.SDL.aws.com, url:grpcs://nd-wup4jgvqsvhwharbvdpg6yvr3y.m-bz5qr6rhcveqxfjyjfrtaioe5e.n-j2ib55zmyree5fieloktt3ttim.managedblockchain.ap-northeast-1.amazonaws.com:30003, connected:false, connectAttempted:true 2023-03-27T19:33:29.831Z - error: [ServiceEndpoint]: waitForReady - Failed to connect to remote gRPC server peer0.org.SDL.aws.com url:grpcs://nd-wup4jgvqsvhwharbvdpg6yvr3y.m-bz5qr6rhcveqxfjyjfrtaioe5e.n-j2ib55zmyree5fieloktt3ttim.managedblockchain.ap-northeast-1.amazonaws.com:30003 timeout:3000 2023-03-27T19:33:29.832Z - info: [NetworkConfig]: buildPeer - Unable to connect to the endorser peer0.org.SDL.aws.com due to Error: Failed to connect before the deadline on Endorser- name: peer0.org.SDL.aws.com, url:grpcs://nd-wup4jgvqsvhwharbvdpg6yvr3y.m-bz5qr6rhcveqxfjyjfrtaioe5e.n-j2ib55zmyree5fieloktt3ttim.managedblockchain.ap-northeast-1.amazonaws.com:30003, connected:false, connectAttempted:true at checkState (/home/ubuntu/AMBS/cli-typescript/node_modules/@grpc/grpc-js/build/src/client.js:77:26) at Timeout._onTimeout (/home/ubuntu/AMBS/cli-typescript/node_modules/@grpc/grpc-js/build/src/channel.js:525:17) at listOnTimeout (node:internal/timers:559:17) at processTimers (node:internal/timers:502:7) { connectFailed: true } D 2023-03-27T19:33:31.029Z | subchannel | (2) 10.0.138.232:30003 TRANSIENT_FAILURE -> CONNECTING D 2023-03-27T19:33:31.030Z | pick_first | TRANSIENT_FAILURE -> CONNECTING D 2023-03-27T19:33:31.030Z | resolving_load_balancer | dns:nd-wup4jgvqsvhwharbvdpg6yvr3y.m-bz5qr6rhcveqxfjyjfrtaioe5e.n-j2ib55zmyree5fieloktt3ttim.managedblockchain.ap-northeast-1.amazonaws.com:30003 TRANSIENT_FAILURE -> CONNECTING D 2023-03-27T19:33:31.030Z | connectivity_state | (1) dns:nd-wup4jgvqsvhwharbvdpg6yvr3y.m-bz5qr6rhcveqxfjyjfrtaioe5e.n-j2ib55zmyree5fieloktt3ttim.managedblockchain.ap-northeast-1.amazonaws.com:30003 TRANSIENT_FAILURE -> CONNECTING ``` It seams that `10.0.138.232:30003 connection closed with error unable to verify the first certificate` cause the error. Maybe I use the wrong certificate files for `peer` and `peer ca`, Please tell me what's wrong I made and Where are the correct certificate files location? Thanks.lg...

I am using the API docs for Cognito and have found several of the pages (or sections of pages) display as markup. For example https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-cognito-identity-provider/interfaces/admincreateusercommandinput.html And https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-cognito-identity-provider/classes/admincreateusercommand.html I'm not sure if this is intentional, but I suspect that it is not.lg...

Let us say, I want to do versioning of APIs both for internal usage (client app) lambdas as well as for exposing some set of APIs (lambdas) for a third-party system. Before even starting to version, I want to enquire whether there is possibility of having multiple API Gateways for the same ? One for managing and deploying the internal APIs and another for deploying the APIs to expose to third-party system without cloud-front. Or can single API gateway can manage both flows ? What is the best method to manage this ? Any suggestion / approach would be appreciated.lg...

So after launching the IDT　for greengrass v2 it shows: ``` ========== Test Summary ========== the Greengrass deployment is COMPLETED on the device after 180 seconds' 17:05:41.182 [] [cloudComponent] [idt-3ed646a1c6d65be8f45d] [ERROR] com.aws.greengrass.testing.launcher.reporting.StepTrackingReporting - Failed: 'As a developer, I can create a component in Cloud and deploy it on my device via thing group': Failed at 'the Greengrass deployment is COMPLETED on the device after 180 seconds' [ERROR] [2023-03-27 17:05:46]: Test exited unsuccessfully error=exit status 1 executionId=cb788e4e-cc79-11ed-90c7-080027641c32 testCaseId=cloudcomponent [INFO] [2023-03-27 17:05:46]: All tests finished. executionId=cb788e4e-cc79-11ed-90c7-080027641c32 [INFO] [2023-03-27 17:05:48]: ========== Test Summary ========== Execution Time: 34m1s Tests Completed: 7 Tests Passed: 5 Tests Failed: 2 Tests Skipped: 0 ---------------------------------- Test Groups: component: FAILED lambdadeployment: PASSED pretestvalidation: PASSED coredependencies: PASSED version: PASSED mqtt: FAILED ---------------------------------- Failed Tests: Group Name: mqtt Test Name: mqttpubsub Reason: Failed at 'the Greengrass deployment is COMPLETED on the device after 300 seconds' Group Name: component Test Name: cloudcomponent Reason: Failed at 'the Greengrass deployment is COMPLETED on the device after 180 seconds' ---------------------------------- ``` the followings is a part of the greengrass-test-run.log ``` 2023-Mar-27 16:41:04,362 [mqtt] [idt-38bef2d5ba95f1ee98d1] [ERROR] com.aws.greengrass.testing.launcher.reporting.StepTrackingReporting - Failed: 'Component publishes MQTT message to Iot core and retrieves it as well': Failed at 'the Greengrass deployment is COMPLETED on the device after 300 seconds' ``` in greengrass.log itshows (both mqtt and cloudcomponent) shows the same error ``` 2023-03-27T16:36:27.716Z [ERROR] (pool-2-thread-17) com.aws.greengrass.tes.CredentialRequestHandler: Unable to cache expired credentials which expired at 2023-03-27T09:35:49Z. {iotCredentialsPath=/role-aliases/GreengrassV2TokenExchangeRoleAlias/credentials} 2023-03-27T16:36:27.717Z [ERROR] (pool-2-thread-17) com.aws.greengrass.tes.CredentialRequestHandler: Error in retrieving AwsCredentials from TES. {iotCredentialsPath=/role-aliases/GreengrassV2TokenExchangeRoleAlias/credentials, credentialData=TES responded with credentials that expired at 2023-03-27T09:35:49Z} 2023-03-27T16:37:11.346Z [ERROR] (pool-2-thread-17) com.aws.greengrass.tes.CredentialRequestHandler: Unable to cache expired credentials which expired at 2023-03-27T09:36:33Z. {iotCredentialsPath=/role-aliases/GreengrassV2TokenExchangeRoleAlias/credentials} 2023-03-27T16:37:11.348Z [ERROR] (pool-2-thread-17) com.aws.greengrass.tes.CredentialRequestHandler: Error in retrieving AwsCredentials from TES. {iotCredentialsPath=/role-aliases/GreengrassV2TokenExchangeRoleAlias/credentials, credentialData=TES responded with credentials that expired at 2023-03-27T09:36:33Z} 2023-03-27T16:37:42.877Z [ERROR] (pool-2-thread-17) com.aws.greengrass.tes.CredentialRequestHandler: Unable to cache expired credentials which expired at 2023-03-27T09:37:05Z. {iotCredentialsPath=/role-aliases/GreengrassV2TokenExchangeRoleAlias/credentials} 2023-03-27T16:37:42.879Z [ERROR] (pool-2-thread-17) com.aws.greengrass.tes.CredentialRequestHandler: Error in retrieving AwsCredentials from TES. {iotCredentialsPath=/role-aliases/GreengrassV2TokenExchangeRoleAlias/credentials, credentialData=TES responded with credentials that expired at 2023-03-27T09:37:05Z} 2023-03-27T16:38:35.889Z [ERROR] (pool-2-thread-17) com.aws.greengrass.tes.CredentialRequestHandler: Unable to cache expired credentials which expired at 2023-03-27T09:37:58Z. {iotCredentialsPath=/role-aliases/GreengrassV2TokenExchangeRoleAlias/credentials} 2023-03-27T16:38:35.891Z [ERROR] (pool-2-thread-17) com.aws.greengrass.tes.CredentialRequestHandler: Error in retrieving AwsCredentials from TES. {iotCredentialsPath=/role-aliases/GreengrassV2TokenExchangeRoleAlias/credentials, credentialData=TES responded with credentials that expired at 2023-03-27T09:37:58Z} ``` not sure why is this happening anyone know where can I get more info about this Error the log seems did not give any extra info about itlg...

I just created an AWS account for the purpose of using AWS EC2 virtual machine at some point in the future. However I don't need to use it yet (probably in the next 6-12 months). How can I pause the 12 month free-tier until I am ready to use EC2? Thanks,lg...

I am working on adding a new library that depends on AWS JDK to my project, however, some other untouched existing component querying DynamoDB throws the exception: ``` Caused by: com.amazonaws.services.dynamodbv2.model.AmazonDynamoDBException: User not found: the_user_key (Service: AmazonDynamoDBv2; Status Code: 400; Error Code: UnrecognizedClientException; Request ID: null; Proxy: null) ``` `the_user_key` works well before I add the new library, but it suddenly says the user was not found. I am using `com.amazonaws:aws-java-sdk-dynamodb:1.11.704`, `"com.amazonaws:aws-java-sdk-core:1.11.704"`, and there are also a bunch of `software.amazon.awssdk` with version 2.16.87. I am wondering if anybody encountered similar issues before, or if anybody could give any advice.lg...

Why is Fail2Ban completely missing from AL2023 repos? Are there instructions, including dependencies for hand installation on AL2023? Why would Amazon leave this standard component of basic hacker prevention and security out of the stack?lg...

I am following the link:- https://docs.snowflake.com/en/user-guide/admin-security-privatelink This is to set up the private link between AWS and Snowflake. The first command is aws sts get-federation-token --name sam Here i am replacing the name Sam with Root user and executing in Cloudshell. error occurred (AccessDenied) when calling the GetFederationToken operation: Cannot call GetFederationToken with session credentials Not sure if it has to do with permissions. Please adviselg...

Hello, Im trying to setup DAX to handle caching for our DynamoDB logic for our existing kubernetes cluster. However, when I follow the guides, they are incomplete. From official doc here: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.create-cluster.console.create-subnet-group.html 1. Open the **DynamoDB **console at https://console.aws.amazon.com/dynamodb/. 2. In the navigation pane, under **DAX, choose Subnet groups.** However there are NO such thing as "DAX" under DynamoDB. There is simply create table etc. When I search DAX in the console, I get no hits. How exactly am I to understand how this is to be done when the official guide itself isnt correct? Same with guides I've found, they simply do not align with how it looks in real life. Help much appreciated since our Prod enviroment is in dire need of this ASAP. Kind regards Ollelg...